SSL wolfIP is open-source, lightweight TCP/IP stack with no dynamic memory allocations designed for resource-constrained ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

The Claude Code leak details the cloud.md memory system and MCP extensibility, including multi-agent coordination and hidden ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

The Cybersecurity Infrastructure and Security Agency is warning of a high severity in Grassroots DICOM, an open-source ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...